Oded Blatman is a strong believer in the convergence of business objectives with security imperatives. As a security and business leader, he is deeply committed to building world-class teams and taking a strategic approach to risk management that always balances the needs of the business with the realities of security.
“I’m good at taking companies and building innovative security strategies and programs to help meet future business objectives,” said Blatman, Chief Information Officer and Chief Information Security Officer at Fireblocks, whose platform allows financial institutions to securely manage digital assets and cryptocurrencies across a wide range of products and services.
“My expertise is building and guiding high-performing teams of experts, and bringing the right strategy in a holistic program to help the company realize its strategic business goals three or four years out.”
Blatman’s professional journey has taken him from a long career in defense to cloud software, finance, and now Fireblocks, where the many strands of his experience come together in what he considers the apex of his career.
“I needed to utilize all my knowledge in finance, defense and cloud computing and security to meet the challenge of Fireblocks. Fireblocks is a place where I put all my knowledge, skillsets and dreams in one place.”
Having founded two startups himself and worked at major companies, Blatman adamantly believes that CISOs need to see the wider picture of the business and its goals, stakeholders, constraints and dependencies. They also need to be strategic planners, with visions of where they want to be two to three years out.
Because CISOs can’t make their companies 100% bulletproof, they have to balance risk, threats and operational usages delicately, he said.
“If you cannot balance and work in the gray area, and you’re only black and white, you will not succeed,” he said. “The art is managing the risk.”
CISOs definitely should be sitting around the leadership table as executives, reporting to CEOs, Blatman added.
“They have to translate business and financial objectives to infrastructure that should be secure and innovative, and bring efficiency in everything that the business is doing,” he said.
He envisions the role merging with the position of Chief Information Officer or Technological Chief Operating Officer, especially at medium and small companies, to streamline processes and enhance operational efficiency.
“I truly believe that for medium and small companies, the CIO and CISO merger makes the work
much more efficient,” said Blatman, who has served in that dual role twice.
“Both must analyze the business objectives and translate them into a practical work stream while understanding efficiencies and other stakeholders requirements. A CISO-CIO can streamline a lot of the pain points. Everything can get prioritized more efficiently for the business, with information systems and security working in harmony rather than conflict. It’s providing the business with information and technological infrastructure that is both efficient and secure in the first place, without prioritizing one over the other.”
Blatman began his professional road at Israel Aerospace Industries, a leading Israeli defense company.
“I was fascinated by the challenge of taking really big projects, analyzing them, finding technological solutions, then tailoring all the technological pieces back together and making sure that this system is serving its purpose of protecting citizens or critical assets,” he said. “Working for the defense industry, with cutting edge technologies, and doing a lot of sophisticated innovation engineering to provide systems that save lives gives you a sense of purpose.”
Burgeoning demand for cybersecurity spurred him to leave IAI after 11 years to open his own companies. One developed offensive security for critical markets, while the other consulted on technology and strategy. That experience matured his perception of conducting business by exposing him to things outside the scope of security like go-to-market strategies, finance, product development and R&D.
“It enabled me to understand the business aspect of where technology and IT and security fit in the business,” Blatman said. “That’s become a really important thing for CISOs these days. They’re expected to be business leaders, and not just to keep the place secure at all costs.”
In the ensuing years, he rejoined IAI as CISO, then pivoted away from defense to become CIO and CISO at ClickSoftware, a cloud technology company later acquired by Salesforce. He led the M&A security due diligence for the $1.4 billion acquisition, which had faltered a year earlier over security concerns.
“It was the first time I actually led a global operation of strategic long-term planning,” he said. “That was a significant transition from where I had been.”
After the acquisition, he stayed on for another year, becoming part of one of the biggest security teams in the world. A desire to learn about the financial industry took him to Bank Hapoalim, where as CISO, he led global security activities for Israel’s largest bank. From there, he moved on to Fireblocks.
Fireblocks provides a suite of applications to manage digital asset operations and a complete development platform to build business on the blockchain. As a digital assets company, it must
be at the high end of security.
To succeed, a CISO has to get the engagement of the different stakeholders in the company. The art is to balance the business and other stakeholders’ objectives with security, Blatman said.
“This doesn’t mean that security is deprioritized, but it does mean managing risk between security and operations,” he said. “I believe a good security practice is about implementing direct and compensating security controls that will enable the company to keep its operations trajectory but still do it in a secure manner.”
Communication between the security team, management and peers is therefore key – as it is for any CISO, he added.
“Many CISOs come with the attitude, my way or the highway. That doesn’t scale. It needs to be a team effort,” Blatman said.
Because of the nature of crypto and related security threats, Fireblocks invests heavily in innovations and putting the highest bar of resiliency and protection in its technological stack, the development processes, monitoring and the security culture.
It’s also always on the lookout for the next wave of threats and therefore engages with many early-stage startups, serving as a beta site for promising technologies and integrating useful platforms.
Ultimately, however, Blatman’s guiding principle is that “everything you do is around people.”
“People are not machines. They want to be developed. They want to be heard. They want to be reinforced and backed up, especially when they’re failing. And failing is part of the business, because if you’re not failing, you’re probably not doing something that is sophisticated and meaningful enough or innovative enough to move the needle. Take care of your people. You’re as successful as they are.”
For many years, Blatman had no outside hobbies, because time was too short. It took a toll, and he is painfully aware of the burnout sweeping across the industry. But about a year and a half ago, after his young son left him alone with the Lego model they were playing with, he began to take an interest in crafting, building airplanes and other models.
“It gives me tons of joy, disconnecting for hours,” he said. “It gives me silence to paint and be creative, and learn new things like putting in electricity, and doing programming that I haven’t done for a long time.”
He also likes to cook and hang out with his three children.
“It’s really important to have something outside of work; otherwise CISOs burn out very fast,” he said. “You’ve got to have some other things in mind besides risk, 24/7 operations and security all the time.”